There are different digital forensic tools (both software and hardware) that can be utilized to create forensic images of media. Both software and hardware imaging have their advantages and disadvantages. In Linux, the dd, or dc3dd commands can be used from the terminal to make a bit-by-bit copy of the data. Even if the system is running Windows, an incident responder can boot the system to a live DVD or a Linux operating system running off a USB drive and can run the dd command.
FTK Imager can also be used via a USB drive to create forensic images. The responder needs to have a firm grasp of how Windows O/S assigns drive letters to hard drives and partitions and how Linux O/S mounts hard drives and partitions. In this unit’s lab we will be using FTK Imager, a graphical user interface (GUI) tool, to create a forensic image, but let’s use this discussion to discuss some of the Linux terminal utilities available for media imaging.
Select a tool below or another tool you are aware of and research it.
Some examples of tools on Kali or Linux commands you can discuss include:
- dd
- dc3dd
- dcfldd
- ddrescue
- ewfacquire
- guymanager
- affcat
If someone has already picked one of the above tools, pick a different tool. In your response, describe what the digital forensic tool is, where you found it, and the pros and cons of the tool. Also, include a screenshot of the tool.
In your response, describe what the tool is, where you found it, and the pros and cons of the tool. Also, include a screenshot of the tool.
Post your response to include a minimum of one screenshot of the tool and a minimum of two paragraphs that describe the tool. Also, make sure you add your reference(s) in APA format.
Get this or a similar paper done in as fast as 4 hours, 24/7.
NB: We do not sell prewritten papers. All essays are written from scratch according to specific needs and instructions
Leave a Reply
You must be logged in to post a comment.